<?php
    if(!is_array($_GET))
	{
	 	die('system error');
	}
	if(isset($_GET['referer']) && $_GET['referer'] == 'glbpay')
	{
		$order_id = $_GET['remark2'];
		require('includes/modules/payment/glbpay/glbpay_application_top.php');
		$_SESSION['order_number_created']=$order_id;
		$ordersql="select * from " . TABLE_ORDERS . " where orders_id = '" . (int)$order_id."'";
		$orderinfo=$db->Execute($ordersql);
		if($orderinfo->recordCount() <1)
		{
			$messageStack->add_session('account', 'Not found order which order id is ' . $order_id, 'error');
			zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
		}
		if($orderinfo->fields['orders_status'] == MODULE_PAYMENT_GLBPAY_ORDER_STATUS_ID)
		{
			$_SESSION['cart']->reset(true);
      		unset($_SESSION['sendto']);
    		unset($_SESSION['billto']);
    		unset($_SESSION['shipping']);
      		unset($_SESSION['payment']);
      		unset($_SESSION['comments']);
		    zen_redirect(zen_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));
		}
		elseif($orderinfo->fields['orders_status']!=MODULE_PAYMENT_GLBPAY_PROCESSING_STATUS_ID)
		{
			$messageStack->add_session('account', 'Your Order ID is '.$order_id .', and order status has been chenged!', 'error');
			zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
		}
		//-------------
		//  revieve data
		//-------------
		//base info 
		$version=$_GET['version'];
		$encoding=$_GET['encoding'];
		$lang=$_GET['language'];
		$merchantid=$_GET['merchantid'];
		$transtype=$_GET['transtype'];
		$orderid=$_GET['orderid'];
		$orderdate=$_GET['orderdate'];
		$currency=$_GET['currency'];
		$orderamount=$_GET['orderamount'];
		$paycurrency=$_GET['paycurrency'];
		$payamount=$_GET['payamount'];
		$remark1=$_GET['remark1'];
		$remark2=$_GET['remark2'];
		$remark3=$_GET['remark3'];
		//pay result
		$glbpayid=$_GET['transid'];
		$glbpaydate=$_GET['transdate'];
		$status=$_GET['status'];
		$msg=$_GET['message'];
		$signature=$_GET['signature'];
		if($status=="Y")
		{
			$haskkey = trim(MODULE_PAYMENT_GLBPAY_SSLKEY);//get cert
			$strcontent=$version . $encoding . $lang . $merchantid . $transtype . $orderid .
				        $orderdate . $currency. $orderamount . $paycurrency . $payamount .$remark1 . $remark2 .
						$remark3  . $glbpayid . $glbpaydate . $status;

			$getsignature=md5($haskkey . $strcontent);
			if(!($getsignature==$signature))//signature
			{
				$messageStack->add_session('account', 'Signature error! Your Order ID is '.$order_id .'. Please contact the seller or Re-pay it in your order history list.', 'error');
			    zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
			}

		    $sql_order_update=array('orders_status' => MODULE_PAYMENT_GLBPAY_ORDER_STATUS_ID);
		    zen_db_perform(TABLE_ORDERS, $sql_order_update, 'update', 'orders_id=' . (int) $order_id);
		    $sql_data_array = array('orders_id' => $order_id,
		                            'orders_status_id' => MODULE_PAYMENT_GLBPAY_ORDER_STATUS_ID,
		                            'date_added' => 'now()',
		                            'comments' => 'OrderID:'. $glbpayid,
		                            'customer_notified' => '0'
		                         );
		    zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
		    $_SESSION['cart']->reset(true);
      		unset($_SESSION['sendto']);
    		unset($_SESSION['billto']);
    		unset($_SESSION['shipping']);
      		unset($_SESSION['payment']);
      		unset($_SESSION['comments']);
		    zen_redirect(zen_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));
		}
		else
		{
			$_SESSION['cart']->reset(true);
			$messageStack->add_session('account', 'Order #'.$order_id .' failed to pay. Because of '.$msg.', you can Re-pay it in your order history list.', 'error');
			zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
		}
	}
	else
	{
		$messageStack->add_session('checkout_payment', 'referer error', 'error');
		zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
	}
?>
